Spam sinners may be virus victims, says expert

If there is a day of judgement for spammers, the place of eternal damnation should be crowded with Americans covered in fake penis enlargement patches and fed a constant diet of chalk pills labelled "Viagra".

Australians will be there, too, but only a tiny group, responsible mostly for casino and porn-site spam.

These are the conclusions from an analysis over two days of hundreds of thousands of spam messages by Sophos, a British-based internet security firm.

The US tops the Sophos "dirty dozen", with 56.74 per cent of the estimated 2 billion daily spam messages.

Canada is next, with only 6.8 per cent, followed by China (including Hong Kong) at 6.24 per cent. Australia comes in at number 10, with only 1.21 per cent of the world total.

But Rob Forsyth, managing director of Sophos Australia, says some of the apparent sinners may be innocent victims.

"Although a large amount of spam is being sent from US computers, much of it is going out without the computer owner's knowledge," he said. "Hackers appear to be breaking into PCs in other countries and using them to send spam."

Computer experts say that even domestic computer users should protect themselves with software available from shops and most internet providers.

The recent MyDoom virus, rated one of the most damaging to hit the internet so far, opens a communications port on each PC it infects, allowing hackers to hijack them.

Some suggest MyDoom's author could have been working for a large US spammer looking for ways to continue its business without risking prosecution under pending US state and federal laws.

"Our intelligence suggests that a large amount of spam originates in Russia, even though that country rates only number 28 on our list," Mr Forsyth said.

The Australian Spam Act, passed by Federal Parliament last year, comes into force on April 10 and prohibits the sending of unsolicited email that has an Australian link.

Unlike the US, which uses an "opt-out" formula that allows spam unless the recipient expressly rejects it, Australian law requires consent to receive messages.